Unrated severityNVD Advisory· Published Dec 25, 2021· Updated Aug 4, 2024

CVE-2021-41788

Description

MediaTek microchips, as used in NETGEAR devices through 2021-12-13 and other devices, mishandle attempts at Wi-Fi authentication flooding. (Affected Chipsets MT7603E, MT7612, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0).

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

CVE-2021-41788 is a vulnerability in MediaTek Wi-Fi chipsets where authentication flooding mishandling can lead to denial of service.

Vulnerability

CVE-2021-41788 affects MediaTek microchips, including MT7603E, MT7612, MT7613, MT7615, MT7622, MT7628, MT7629, and MT7915, with software version 7.4.0.0 [1]. The vulnerability involves mishandling of Wi-Fi authentication flooding attempts, as used in NETGEAR and other devices [2].

Exploitation

An attacker can exploit this vulnerability by sending a large number of Wi-Fi authentication requests from within wireless range. No authentication or user interaction is required. The device fails to properly handle the flood, leading to resource exhaustion [2].

Impact

Successful exploitation results in denial of service, causing the affected device to become unresponsive or crash, disrupting Wi-Fi connectivity for legitimate users [2]. The impact is limited to availability.

Mitigation

NETGEAR has released firmware updates for many affected products, including EAX11v2 (1.0.3.34), EX2700 (1.0.1.72), and WAX202 (1.0.5.1) [2]. Users should update to the latest firmware. No workarounds are available. For other devices, contact the manufacturer for patches. MediaTek's January 2022 security bulletin lists this CVE as medium severity [1].

References

AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

MediaTek/microchipsdescription
Netgear/Multiple Productsllm-create
Mediatek/MT7603E, MT7612, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915llm-create
Range: 7.4.0.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

corp.mediatek.com/product-security-bulletin/January-2022mitrex_refsource_CONFIRM
kb.netgear.com/000064369/Security-Advisory-for-WiFi-Authentication-Flooding-Vulnerabilities-on-Multiple-Products-PSV-2021-0299-PSV-2021-0301mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000